package com.yc.sign.web;

import com.yc.sign.web.bean.Result;
import com.yc.sign.web.bean.SignProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpSession;

/**
 * Company 源辰信息
 *
 * @author navy
 * @date 2024/8/25
 * Email haijunzhou@hnit.edu.cn
 */
@RestController
@RequestMapping("sign")
public class SignDo {

    @Autowired
    SignProperties properties;

    @RequestMapping("props")
    SignProperties properties(){
        return properties;
    }

    @Autowired
    JdbcTemplate jdbcTemplate;

    @RequestMapping("login")
    Result login(String username, String password,HttpSession session){
        if(username==null || username.isBlank()){
            return new Result( -1, "请输入账号", null);
        }
        if(password==null || password.isBlank()){
            return new Result( -2, "请输入密码", null);
        }
        Object user;

        if("MD5".equalsIgnoreCase(properties.getEncryption())){
            String sql = "select * from %s where %s = ?";
            sql = String.format(sql, properties.getUserTable(),
                    properties.getPasswordColumn());
            String s = username + password;
            String md5 = DigestUtils.md5DigestAsHex(s.getBytes());
            try {
                user = jdbcTemplate.queryForObject(sql,
                        new BeanPropertyRowMapper<>(properties.getUserClassObject()),
                        md5);
                session.setAttribute(properties.getSessionKey(), user);
            } catch (DataAccessException e){
                e.printStackTrace();
                return new Result( -3, "用户名或密码错误!", null);
            }
        } else {
            // 数据库判断用户
            String sql = "select * from %s where %s = ? and %s = ?";
            sql = String.format(sql, properties.getUserTable(),
                    properties.getUsernameColumn(),
                    properties.getPasswordColumn());
            try {
                user = jdbcTemplate.queryForObject(sql,
                        new BeanPropertyRowMapper<>(properties.getUserClassObject()),
                        username, password);
                session.setAttribute(properties.getSessionKey(), user);
            } catch (DataAccessException e){
                e.printStackTrace();
                return new Result( -3, "用户名或密码错误!", null);
            }
        }
        return new Result( 1, "登录成功!", user);
    }

    @RequestMapping("myinfo")
    Result myinfo(HttpSession session){
        Object user = session.getAttribute(properties.getSessionKey());
        if(user == null){
            return new Result( -1, "未登录", null);
        } else {
            return new Result( 1, "一登录", user);
        }
    }

    @RequestMapping("logout")
    ModelAndView logout(HttpSession session, ModelAndView mav){
        session.invalidate();
        mav.setViewName("redirect:/");
        return mav;
    }

    @RequestMapping("getforgetEmail")
    Result getforgetEmail(String username){
        String sql = "select %s from %s where %s = ?";
        sql = String.format(sql,
                properties.getEmailColumn(),
                properties.getUserTable(),
                properties.getUsernameColumn());
        try{
            String email = jdbcTemplate.queryForObject(sql,
                    String.class,
                    username);
            return new Result(1, "成功获取账号邮箱地址!", email);
        } catch ( DataAccessException e){
            e.printStackTrace();
            return new Result(0, "没有该账号!", null);
        }
    }


}
